The AIOps journey: Navigating the path to proactive IT operations
Enable AI empowered IT operations without the hassles. Learn everything you need to know about AIOps today.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Technology
Cloud Threats Memo: Threat Actors Increasingly Exploiting Google Drive
Google Drive continues to be one of the most abused cloud services by threat actors, and the latest edition (April 2023) of the Threat Horizons Report, released by security researchers in Google’s Threat Analysis Group (TAG), shows more interesting examples of how opportunistic and state-sponsored threat actors are exploiting its flagship cloud storage service, to conduct malicious campaigns (and by the way, Netskope Cloud and Threat Report is quoted in the report).
Friend or foe: AI chatbots in software development
Yes, AI chatbots can write code very fast, but you still need human oversight and security testing in your AppSec program. Chatbots are taking the tech world and the rest of the world by storm—for good reason. Artificial intelligence (AI) large language model (LLM) tools can write things in seconds that would take humans hours or days—everything from research papers to poems to press releases, and yes, to computer code in multiple programming languages.
ChatGPT DLP Filtering: How to Use ChatGPT without Exposing Customer Data
Advancements in AI have led to the creation of generative AI systems like ChatGPT, which can generate human-like responses to text-based inputs. However, these inputs are at the discretion of the user and they aren’t automatically filtered for sensitive data. This means that these systems can also be used to generate content from sensitive data, such as medical records, financial information, or personal details.
Vanta has joined the AWS ISV Accelerate Program
Today I’m excited to share the latest milestone in our growing partner ecosystem: Vanta has joined the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program. The AWS ISV Accelerate Program is a co-sell program for AWS Partners who provide software solutions that run on or integrate with AWS. Vanta’s acceptance into the program enables us to work in close collaboration with the AWS sales team to meet customer needs and provide better outcomes.
Secure by default: recommendations from the CISA's newest guide, and how Cloudflare follows these principles to keep you secure
When you buy a new house, you shouldn’t have to worry that everyone in the city can unlock your front door with a universal key before you change the lock. You also shouldn’t have to walk around the house with a screwdriver and tighten the window locks and back door so that intruders can’t pry them open.
OpenAI Transparency Report Highlights How GPT-4 Can be Used to Aid Both Sides of the Cybersecurity Battle
The nature of an advanced artificial intelligence (AI) engine such as ChatGPT provides its users with an ability to use and misuse, potentially empowering both security teams and threat actors alike. I’ve previously covered examples of how ChatGPT and other AI engines like it can be used to craft believable business-related phishing emails, malicious code, and more for the threat actor.
An Insider's View: The Updated OWASP API Top 10
Stephanie Best, Director of Product Marketing, and Yaniv Balmas, VP of Research at Salt Labs, discuss what you need to know about the new 2023 OWASP API Security Top 10 release candidate. As a member of the OWASP committee that helped shaped the latest report, Yaniv takes you behind the scenes to learn what changed, what stayed the same, and why these decisions were made.
A CISOs Guide To The New 2023 OWASP API Security Update
The OWASP API Security Project team recently posted the Top-10 API risks Release Candidate (RC) for 2023. Last updated in 2019, this new version is designed to help organizations understand the top threats against APIs and how to secure them. In this webinar, we will dig into the OWASP API Security Top-10 2023RC and discuss: We will share some of our data-driven insights, derived from our quarterly API ThreatStats(tm) Reports, and show how you can protect your APIs in real-time from the most impactful API threats.
A Practitioner's Guide to the New 2023 OWASP API Security Update
The OWASP API Security Top-10 risks Release Candidate (RC) is now out for comment. This new version is designed to update your understanding of the top threats against APIs and how to secure them. In this deep-dive webinar, we will dig into each of the OWASP API Security Top-10 2023 RC risks and discuss: The focus of this 2nd webinar in the series will be on what practitioners – builders, breakers, defenders, and DevSecOps – need to know to better protect their APIs.